QUESTION 138At the time of evidence transfer, both sender and receiver need to give the information about date and time of transfer in the chain of custody record.

A. TrueB. False

Answer: A

QUESTION 139Which of the following attacks allows an attacker to access restricted directories, including application source code, configuration and critical system files, and to execute commands outside of the web server’s root directory?

QUESTION 140The disk in the disk drive rotates at high speed, and heads in the disk drive are used only to read data.

A. TrueB. False

Answer: B

QUESTION 141The evolution of web services and their increasing use in business offers new attack vectors in an application framework. Web services are based on XML protocols such as web Services Definition Language (WSDL) for describing the connection points, Universal Description, Discovery, and Integration (UDDI) for the description and discovery of Web services and Simple Object Access Protocol (SOAP) for communication between Web services that are vulnerable to various web application threats. Which of the following layer in web services stack is vulnerable to fault code leaks?

QUESTION 144Log management includes all the processes and techniques used to collect, aggregate, and analyze computer-generated log messages. It consists of the hardware, software, network and media used to generate, transmit, store, analyze, and dispose of log data.

A. TrueB. False

Answer: A

QUESTION 145Which of the following password cracking techniques works like a dictionary attack, but adds some numbers and symbols to the words from the dictionary and tries to crack the password?

A. It is a process that consists of collecting information about and from an executable file without actually launching the file under any circumstancesB. It is a process that consists of collecting information about and from an executable file by launching the file under any circumstancesC. It is a process that consists of collecting information about and from an executable file without actually launching an executable file in a controlled and monitored environmentD. It is a process that consists of collecting information about and from an executable file by launching an executable file in a controlled and monitored environment

Answer: A

QUESTION 147Networks are vulnerable to an attack which occurs due to overextension of bandwidth, bottlenecks, network data interception, etc.Which of the following network attacks refers to a process in which an attacker changes his or her IP address so that he or she appears to be someone else?